MikroTik

Community discussions
https://forum.mikrotik.com/

IP Isolation

https://forum.mikrotik.com/viewtopic.php?t=133476

Page 1 of 1

IP Isolation

Posted: Sat Apr 21, 2018 11:36 pm
by goriteam
hello i am beginner, i have 2 IP DHCP and i want to make Isolation,
IP1=10.10.0.1/16
IP2=192.168.1.1/24
and how to make user1 10.10.1.15 can't go user 2 192.168.1.14

Re: IP Isolation

Posted: Mon Apr 23, 2018 6:39 pm
by Plutone
1st rule)
Prevent 10.10.1.15 to perform connection to 192.168.1.14
ip firewall filter add action=drop src-address=10.10.1.15 dst-address=192.168.1.14 chain=forward

2nd rule)
Prevent 192.168.1.14 to perform connection to 10.10.1.15
ip firewall filter add action=drop src-address=192.168.1.14 dst-address=10.10.1.15 chain=forward

Re: IP Isolation

Posted: Mon Apr 23, 2018 8:56 pm
by anav
Do you want single user access to single user access blocked or was that only an example and you want the TWO LANS to be isolated from each other.

If the latter, the rules implemented above wont work if they are all on the same LAN interface list from my limited understanding. The IP firewall rules will work at layer3 only but not at layer 2.
Suggest putting one LAN on a bridge and the other not on the bridge or use two separate bridges which will block at layer 2.

I might have that mixed up but thats what happens when you get advice from fellow newbies. :-)
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/